Main Area and Open Discussion > General Software Discussion
Raymond.cc compares antivirus memory usage
barney:
I believe it's interesting to report the experience of a certain guy who is very busy about security. After years of experience, now he no longer uses an antivirus, but his purpose is reducing the "attack surface".
-Giampy (May 29, 2013, 03:40 PM)
--- End quote ---
Sounds a lot like Steve Gibson.
The point of an AV software is to block what was already known, and to update its database to include what's recently been discovered.
-ajfudge (May 29, 2013, 02:26 PM)
--- End quote ---
And that's something that damned few of 'em do at all, much less do well. All they do is provide a false sense of security, letting folk think they can go anywhere and do anything on the Web with complete impunity.
use a security sandbox
-ajfudge (May 29, 2013, 02:26 PM)
--- End quote ---
There are folk here that use virtualization, e.g. VirtualBox, for browsing. Others use one or another of the extant sandbox programs. And that does supply a degree of protection, although CPU/RAM usage may suffer. But even that can be circumvented: I want a particular program, video, song, so I move it out of the sandbox. Then I open it and become contaminated. I am quite possibly now a disease vector for anything else I touch, network-wise.
All any anti-malware software [of which I am aware] does is the same thing as that fenced domicile - provide a false sense of security.
In the long run, it's not a matter of being smart so much as it is a matter of knowing the capabilities - and shortcomings - of the tool you are using.
f0dder:
And that's something that damned few of 'em do at all, much less do well. All they do is provide a false sense of security, letting folk think they can go anywhere and do anything on the Web with complete impunity.-barney (May 29, 2013, 09:23 PM)
--- End quote ---
...Alternate line of thought: they protect you against drive-by attacks on legitimate but compromised sites. The mass-infection-drive-by attacks usually don't use the very latest 0-day exploits, but a truckload of slightly older exploits. Bleeding-edge exploits are normally used in very targeted attacks.
barney:
-f0dder (May 30, 2013, 07:04 AM)
--- End quote ---
...Alternate line of thought: they protect you against drive-by attacks on legitimate but compromised sites. The mass-infection-drive-by attacks usually don't use the very latest 0-day exploits, but a truckload of slightly older exploits. Bleeding-edge exploits are normally used in very targeted attacks.
[/quote]
Maybe. The one (1) time that I got hit by such, I was using NOD32, supposedly best of breed at the time. The malware sailed through NOD32 as pretty as you please, without so much as a hiccup.
Navigation
[0] Message Index
[*] Previous page
Go to full version